7.6
/ 10
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Description
A remote unauthenticated attacker may use the unauthenticated C++ API to access or modify sensitive data and disrupt services.
Basic Information
ID
CVE-2025-59461
Source
SICK AG
Published
Oct 27, 2025 at 10:11
Affected Product
Vendor
SICK AG
Product
TLOC100-100 all Firmware versions
Version
all versions
Affected Versions
SICK AG TLOC100-100 all Firmware versions all versions
CWE Classification
References
- sick.com /psirt
- www.sick.com /media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
- www.cisa.gov /resources-tools/resources/ics-recommended-practices
- www.first.org /cvss/calculator/3.1
- www.sick.com /.well-known/csaf/white/2025/sca-2025-0013.json
- www.sick.com /.well-known/csaf/white/2025/sca-2025-0013.pdf